Elastic Cloud Enterprise 1.1.4
editElastic Cloud Enterprise 1.1.4
editNew for Elastic Cloud Enterprise version 1.1.4:
- Support for Elasticsearch and Kibana version 6.3.0. This version of Elastic Cloud Enterprise fully supports our latest Elastic Stack version and is required if you want to upgrade.
- Support for installing Elastic Cloud Enterprise on Microsoft Azure. You could previously install ECE on Azure on your own, but we now provide tested instructions for installing our product on Microsoft’s Azure coud platform. To learn more, see Microsoft Azure Virtual Machines.
- New Elasticsearch API Console functionality. A console that provides API access to your Elasticsearch clusters is now available in the Cloud UI. To access the console, select one of your Elasticsearch clusters in the Cloud UI, and then click Console. To learn more, see the API reference.
-
New
hard_reset
API flag. This new API flag affects the rolling strategy used during cluster changes, where only one new node at a time gets created. You use this flag to recover from situations where either the cluster becomes unresponsive or valid cluster configuration plans are failing due to previous failed plan attempts. -
Updated
xfsprogs
library. We now ship version4.5.0-r1
ofxfsprogs
, which is a library used by Elastic Cloud Enterprise to interact with the XFS file system. - Minio on-premise repository configuration. If you need to store your Elasticsearch snapshots locally, you can now use Minio. To learn more, see Snapshotting to Minio.
-
Better installation prerequisite checks. ECE now performs the following additional checks during installation to help ensure trouble-free operation:
- The host storage root volume path cannot point to the root directory.
- The port range for allocators must be in the expected range.
- The user must have deleted the runner from ZooKeeper using the Delete Runner button in the UI before attempting to bootstrap a new runner with the same ID.
-
The user performing the installation must be in the correct
docker
user group.
To upgrade to this version, see Upgrade Your Installation. When you complete the upgrade, run the rolling-credentials-fix.sh
cleanup script to resolve Elastic Security Advisory ESA-2018-12.
If you are using a public Docker registry, you can run the cleanup script as it appears. If you are using a private Docker registry, you must first edit the DOCKER_REGISTRY
and ECE_DOCKER_REPOSITORY
entries in the script to match your setup.
Release date: June 12, 2018
Security fixes
editECE version 1.1.4 includes the following security fixes:
-
ESA-2018-09: We no longer use a shared encryption key for granting ZooKeeper access to Elasticsearch clusters. If you are running an Elastic Cloud Enterprise version before 1.1.4, and if your Elastic Cloud Enterprise environment exposes access to ZooKeeper, you must run the cleanup script
rolling-credentials-fix.sh
to address this Elastic Security Advisory. Instructions are in this knowledge base article. - ESA-2018-12: We corrected an information exposure vulnerability where encryption keys, passwords, and other security sensitive headers could be leaked to the allocator logs under certain exception conditions.
- ESA-2018-13: Users can no longer scale out allocators on new hosts with an invalid roles token.
Bug fixes
editECE includes 1.1.4 includes the following bug fixes:
- Users can no longer scale out allocators on new hosts with an invalid roles token.
-
We now handle installations where the
sysctl
program might not exist on thePATH
of the host system correctly. - Security-sensitive information is no longer logged by the components of Elastic Cloud Enterprise.
- The installation process now provides information about the secrets file that contains important information for the operator.
-
If you are using the
cloud.id
feature with an ECE version before 1.1.4, we now ensure that permissions are set correctly on thecname
ZooKeeper node. To use the Cloud ID, you need to upgrade to this version of ECE. - Snapshot delete API requests now return the correct HTTP status code (201).
-
The cluster creation API now uses a
1:24
memory-to-storage size ratio to be consistent with clusters created from the UI. -
The
_restart
API for instance restarts now performs a per-zone restart correctly. - We now display an error message if you reinstall Elastic Cloud Enterprise without properly clearing an existing node.
- Multiline Elastic Cloud Enterprise logs are now correctly parsed as a single message.
-
We changed the default log level to
debug
frominfo
on the proxy components. -
We removed the
?detailed
flag from the__elb_health__
endpoint. - The ECE upgrade process on RHEL platform now removes all container set configurations before installing new ones.
- During an ECE upgrade, the installer ensures the container has the correct image version.
- Elastic Cloud Enterprise now suppresses unnecessary log messages from Filebeat and Metricbeat during ECE startup.
- We fixed log warnings about license expiration to use the correct start date.